FlashRole is run by Asher Corporation Limited (England and Wales). This page is plain-language summary of how we handle personal data. It isn't legal advice; if you need that, speak to a professional.
If you sign up for an account, our treat that as you agreeing to this policy too — so the details you add and the way we process them are covered by what you read below.
1. Who we are
The site at https://flashrole.com ("FlashRole") is operated by us. For anything privacy-related, use privacy@flashrole.com.
2. What we collect
We only take what we need to run the product.
| Area | Examples | Why |
|---|---|---|
| Account | Email, name, and how you sign in. With Clerk you may also have a profile image from your IdP; with email sign-in we store your email and a password hash on our systems. | We need this to run your account. |
| Career content | CV text, job descriptions, interview notes, and anything else you paste or upload for analysis. | You asked us to process it to give you outputs. |
| Usage & device | Rough technical data such as pages used, session length, browser type, IP address, and logs for security. | Keeping the service secure and understanding what breaks. |
| Billing | What Stripe needs to charge you (we never see full card numbers). | Taking payment and meeting tax rules. |
| Support | Emails you send to our support inbox. | Answering you. |
We don't set out to collect special-category data (health, religion, etc.). Don't paste that into the app unless you’re comfortable with it being processed like any other text you submit.
3. How we use it
- Run your account and sign-in.
- Analyse what you submit and generate suggestions (CV feedback, cover letters, interview help, and similar features).
- Bill subscriptions and credit packs.
- Send transactional email (sign-up, password reset, receipts) where applicable.
- Stop abuse and fix outages.
- Obey the law.
We don't sell your personal data and we don't run ad targeting off it.
4. Who else sees it
We use a small set of processors. They only get what they need to do their job.
| Supplier | Role | Notes |
|---|---|---|
| Clerk | Optional sign-in (e.g. Google), if your product build uses Clerk. | US / per their DPA |
| Our own API & database | Email accounts, sessions, and stored career sessions when you’re not on Clerk-only mode. | Hosted with our infrastructure provider |
| OpenAI | Model calls for drafting and scoring text you send into the product. | US / their DPA & terms |
| Stripe | Payments. | Per Stripe’s terms |
| Resend | Transactional email when we send from our stack. | Per Resend’s terms |
| Hosting (e.g. Railway, Vercel) | Servers, builds, CDN as configured for your deployment. | Per each vendor |
If you’re in the UK or EEA, transfers outside those areas rely on whatever mechanism applies at the time (for example UK/EU adequacy decisions or standard contractual clauses). We don’t list every sub-subprocessor here; ask if you need detail for a vendor screening.
5. How long we keep things
| Type | Retention |
|---|---|
| Account & career data in the product | Until you delete the account, then roughly 30 days unless we must keep something longer for law or dispute. |
| Invoices / tax | As long as the law requires (often several years). |
| Server logs | Short retention (on the order of weeks to a few months) unless needed longer for an incident. |
| Support email | Long enough to finish the conversation and handle follow-ups. |
6. Your rights (UK / EU / EEA)
You may have rights to access, correct, delete, restrict, object, or port your data, and to complain to a regulator.
Start with privacy@flashrole.com and we’ll respond within a month in normal circumstances. In the UK the ICO is at ico.org.uk.
7. Cookies
Short version: essentials for login and checkout, no ad networks. Detail is in our .
8. Children
FlashRole isn’t meant for children under 16. If you think we’ve got data from a child by mistake, email privacy@flashrole.com.
9. Security
We use HTTPS, limit access to production systems, and rely on reputable payment and hosting providers. No online service is perfectly secure; use a strong password and don’t reuse it elsewhere.
10. Changes
We’ll bump the date at the top when we change this page. If something material shifts, we’ll also try to tell you by email or in the app.